April 20, 2011 at 12:38 PM ET
Your iPhone has a hidden feature: It tracks and records your location constantly whether you want it to or not. What? You wish it wouldn't do that without your knowledge or consent? Too bad, because there's not much you can do about the tracking feature right now.
Alasdair Allan and Pete Warden, a pair of security researchers, recently discovered that iPhones — as well as 3G-enabled iPads — running iOS 4 constantly record and store their users' locations in unencrypted files. These files are basically very long lists of latitude-longitude coordinates and timestamps, and they can be found on the devices themselves as well as within the software backups saved on users' computers.
Since the tracking data files are unencrypted and unsecured, they can easily be viewed by someone who has physical access to your iPhone, 3G-enabled iPad, or the computer which contains your iOS software backups. As far as anyone can tell at this point though, the data can not be viewed by someone without physical access to those devices — unless you were to copy and send it to him or her, of course.
In order to demonstrate the extent of the data being recorded and stored, Allan and Warden have built and made available a Mac OS app called iPhone Tracker. If this app is opened on a Mac OS computer which has been used to sync an iPhone or 3G-enabled iPad, you will be able to view all the location data which has been recorded by your devices.
I decided to try the app out on my own computer and I chuckled when I saw the first map:
That map hardly revealed anything that a person who follows me on Twitter or Facebook wouldn't know! But then I picked one of those blue blobs on the map and zoomed in. Suddenly I wasn't laughing anymore — I was too busy watching an eerily accurate replay of my travels around my home.
For the sake of my own privacy, I won't show you maps which zoom in any further than the one above, but I assure you that some of the location markers get unnervingly close to some of my favorite haunts.
I was left slightly creeped out, but also in awe of what I was seeing. It was almost fun to take a trip through time — the app can show a time-lapse of the data — and memory. I was confused by some of the spots on the map, but then remembered that I had connecting flights go through those cities. Other spots had no explanation, but that could be due to the fact that cell-tower triangulation may have been used to record the data and led to a few inaccuracies.
Once the fun was over though, I was left with the same question you probably have right now: How can I protect this data?
Well, you're not going to like the answer. It turns out that there is no way to remove the data from your iPhone or 3G-enabled iPad — and there is no way to stop the devices from recording anything further. All you can do is secure the information that is on your computer — you can do so by selecting the "encrypted backups" options in the syncing settings — and be aware that all this data exists.
Allan and Warden have made it a point to reach out to Apple's product security team in hopes of gaining more information about the tracking feature.